The confine-controller is a software package used for managing the Confine Testbed. Its main goal is to provide a web interface as well as a REST API on users behalf, allowing them to create and manage slices of the testbed.
This page hosts the development documentation of Confine's Controller, the content is accessible through the table of contents box on the right side.
Following some relevant external links:
django-admin.py is Django’s command-line utility for administrative tasks.
Check Django documentation for more info.
Displays the current confine-controller version. The output follows the schema described in PEP 386:
0.11.4 0.10.4a1 0.9.7b2
Get username given a session id.
$ python manage.py getuserbysessionid ztnsef1mzft8nw26073tnd0ahn93ogh7 vct vct (vct@example.com)
Upgrades confine-controller environment and installation performing required operations (database schema and data migration, dependencies installation…)
--from=VERSION indicate from wich Controller's version are you upgrading (i.e. 0.9.3). --development only install development requirements. --specifics only perform specifics operations. --no-restart avoid restarting the services after performing postupgrade operations. --no-upgrade-notes do not print specific upgrade notes.
Restart all related services. Usefull for reload configuration and files.
--no-celeryd Do not restart celeryd --no-celerybeat Do not restart celerybeat --no-apache2 Do not restart apache2 --no-uwsgi Do not restart uwsgi
Configures Apache2 to run with your controller instance.
--user=USER WSGIDaemonProcess user. --group=GROUP WSGIDaemonProcess group. --processes=PROCESSES WSGIDaemonProcess processes. --threads=THREADS WSGIDaemonProcess threads.
Configure Celeryd to run with your controller instance.
--username=USERNAME Specifies the system user that would generate the firmwares. --processes=PROCESSES Number of celeryd processes. --greenlets=GREENLETS Number of celeryd greenlets (gevent-based tasks).
Configures nginx + uwsgi to run with your controller instance.
--user=USER uWSGI daemon user. --group=GROUP uWSGI daemon group. --processes=PROCESSES uWSGI number of processes.
Setup PostgreSQL database.
--db_name=DB_NAME Specifies the database name to create. --db_user=DB_USER Specifies the user to connect to the database. --db_password=DB_PASSWORD Specifies the password to connect to the database. --db_host=DB_HOST Specifies the host where is the database. --db_port=DB_PORT Specifies the port to connect to the database.
Start all related services. Usefull for reload configuration and files.
--no-[SERVICE_NAME] Do not start SERVICE_NAME. Possible values: postgresql, tinc, celeryevcam, celeryd, celerybeat, uwsgi, nginx, apache2.
Run pyflakes syntax checks. Useful during development.
Stop all related services. Usefull for reload configuration and files.
--no-[SERVICE_NAME] Do not stop SERVICE_NAME. Possible values: postgresql, tinc, celeryevcam, celeryd, celerybeat, uwsgi, nginx, apache2.
Update project SECRET_KEY setting.
Upgrade controller's installation.
--pip_only Only run "pip install confine-controller --upgrade" (not execute postupgrade operations). --controller_version=VERSION Specifies what version of the controller you want to install. E.g. 0.11.1. NOTE: you can specify 'dev' version to install the development version using the git repository.
Prepare the system for generating firmware in userspace.
Synchronize existing plugins with the database.
Creates an RSA key for driving maintenance operations.
Run monitors to diagnose system health.
--email Whether you want the problems reported on stdout or email. --quiet Do not output anything.
Creates the crontab for running the local monitoring script.
Synchronize existing notifications with the database.
--override Override current notifications subject and messages
Creates an RSA key and the testbed CA (root) certificate.
--overide Force overide cert and keys if exists. --country=DN_COUNTRY Certificate Distinguished Name Country. --state=DN_STATE Certificate Distinguished Name STATE. --locality=DN_LOCALITY Certificate Distinguished Name Country. --org_name=DN_ORG_NAME Certificate Distinguished Name Organization Name. --org_unit=DN_ORG_UNIT Certificate Distinguished Name Organization Unity. --email=DN_EMAIL Certificate Distinguished Name Email Address. --common_name=DN_COMMON_NAME Certificate Distinguished Name Common Name.
Synchronize existing resources with the database.
--override Override current resources max_req and dflt_req
Creates the tincd config files and Server.tinc object.
After running setuptinc
, in order to apply configuration changes the following services should be restarted: tincd
, uwsgi
, celeryd
. You can restart they by running this command:
sudo python manage.py restartservices
.
--username=USERNAME Specifies the login for the superuser. --mgmt_prefix=MGMT_PREFIX Mgmt prefix, the settings file will be updated. --default_port=DEFAULT_PORT Tinc port default, the settings file will be updated. --address=ADDRESS Tinc BindToAddress. --net_name=NET_NAME Tinc net name. --nohup=NOHUP Whether we want to send a HUP signal to tinc after an update or not. It requires sudo.
Updates tincd hosts files according to information stored on the database.